Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/4uXzRUZkN5fTUGlWjok9az5dnR4.roa
File: 4uXzRUZkN5fTUGlWjok9az5dnR4.roa (raw, json)
Hash identifier: s5VITyrLWZ6D21ufpBJILiv0XIUrO2ODT67thoIfrZk=
Subject key identifier: E2:E5:F3:45:46:64:37:97:D3:50:69:56:8E:89:3D:6B:3E:5D:9D:1E
Certificate issuer: /CN=01f3ef3e0ea95a975537d5c25d93cb76af687234
Certificate serial: 0192B5126EEA6499A9582A395616F6498B54
Authority key identifier: 01:F3:EF:3E:0E:A9:5A:97:55:37:D5:C2:5D:93:CB:76:AF:68:72:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/4uXzRUZkN5fTUGlWjok9az5dnR4.roa
Signing time: Tue 22 Oct 2024 16:32:17 +0000
ROA not before: Tue 22 Oct 2024 16:32:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 4809
IP address blocks: 5.10.136.112/29 maxlen: 29
5.10.136.208/30 maxlen: 30
5.10.137.0/24 maxlen: 24
5.10.138.0/24 maxlen: 24
5.10.139.0/24 maxlen: 24
5.10.140.0/24 maxlen: 24
5.10.141.8/30 maxlen: 30
5.10.141.136/30 maxlen: 30
5.10.142.0/24 maxlen: 24
5.10.143.0/24 maxlen: 24
5.154.132.0/24 maxlen: 24
5.154.133.0/24 maxlen: 24
5.154.136.0/24 maxlen: 24
5.154.137.0/24 maxlen: 24
5.154.138.0/24 maxlen: 24
5.154.139.0/24 maxlen: 24
5.154.140.0/24 maxlen: 24
5.154.141.0/24 maxlen: 24
5.154.158.0/24 maxlen: 24
5.154.159.0/24 maxlen: 24
145.14.64.0/24 maxlen: 24
145.14.65.0/24 maxlen: 24
145.14.66.0/24 maxlen: 24
145.14.67.0/24 maxlen: 24
145.14.68.0/24 maxlen: 24
145.14.69.0/24 maxlen: 24
145.14.70.0/24 maxlen: 24
145.14.71.0/24 maxlen: 24
145.14.72.0/24 maxlen: 24
145.14.73.0/24 maxlen: 24
145.14.74.0/24 maxlen: 24
145.14.75.0/24 maxlen: 24
145.14.76.0/24 maxlen: 24
145.14.77.0/24 maxlen: 24
145.14.78.0/24 maxlen: 24
145.14.79.0/24 maxlen: 24
145.14.80.0/24 maxlen: 24
145.14.81.0/24 maxlen: 24
145.14.82.0/24 maxlen: 24
145.14.83.0/24 maxlen: 24
145.14.84.0/24 maxlen: 24
145.14.85.0/24 maxlen: 24
145.14.86.0/24 maxlen: 24
145.14.87.0/24 maxlen: 24
145.14.88.0/24 maxlen: 24
145.14.89.0/24 maxlen: 24
145.14.90.0/24 maxlen: 24
145.14.91.0/24 maxlen: 24
145.14.92.0/24 maxlen: 24
145.14.93.0/24 maxlen: 24
185.75.172.0/24 maxlen: 24
185.75.173.0/24 maxlen: 24
185.75.174.0/24 maxlen: 24
2a04:f580:9000::/48 maxlen: 48
2a04:f580:9001::/48 maxlen: 48
2a04:f580:9002::/48 maxlen: 48
2a04:f580:9010::/48 maxlen: 48
2a04:f580:9012::/48 maxlen: 48
2a04:f580:9013::/48 maxlen: 48
2a04:f580:9020::/48 maxlen: 48
2a04:f580:9030::/48 maxlen: 48
2a04:f580:9040::/48 maxlen: 48
2a04:f580:9050::/48 maxlen: 48
2a04:f580:9060::/48 maxlen: 48
2a04:f580:9070::/48 maxlen: 48
2a04:f580:9080::/48 maxlen: 48
2a04:f580:9090::/48 maxlen: 48
2a04:f580:9200::/48 maxlen: 48
2a04:f580:9201::/48 maxlen: 48
2a04:f580:9202::/48 maxlen: 48
2a04:f580:9210::/48 maxlen: 48
2a04:f580:9212::/48 maxlen: 48
2a04:f580:9213::/48 maxlen: 48
2a04:f580:9220::/48 maxlen: 48
2a04:f580:9230::/48 maxlen: 48
2a04:f580:9240::/48 maxlen: 48
2a04:f580:9250::/48 maxlen: 48
2a04:f580:9260::/48 maxlen: 48
2a04:f580:9270::/48 maxlen: 48
2a04:f580:9280::/48 maxlen: 48
2a04:f580:9290::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b5:12:6e:ea:64:99:a9:58:2a:39:56:16:f6:49:8b:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01f3ef3e0ea95a975537d5c25d93cb76af687234
Validity
Not Before: Oct 22 16:32:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2e5f34546643797d35069568e893d6b3e5d9d1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f3:68:64:9d:c3:6d:c4:b2:c5:d7:db:86:49:
94:5a:47:d9:0c:1d:f4:00:c6:8c:ed:27:79:d5:b7:
a2:22:90:e5:96:62:c1:c5:99:57:7e:ae:e2:b5:e4:
83:5d:9d:9b:57:c6:21:87:49:d2:a7:86:87:63:c0:
f8:6d:9e:14:22:2e:a6:c1:ec:e8:db:76:8e:ba:6d:
34:11:b2:19:c6:79:52:81:c6:a2:47:54:05:48:ec:
02:da:60:ec:5b:f4:ad:2a:2e:3b:e7:43:4b:3b:64:
0d:1f:58:be:f2:75:ef:d6:54:45:05:e3:74:f4:8f:
fd:a9:35:4c:7b:39:78:b6:b1:37:f3:ef:77:c7:97:
21:9e:81:c9:94:16:f4:24:00:f4:6f:21:cf:b5:05:
4f:b3:4b:42:d7:80:1e:f5:37:fe:f2:69:cd:fc:4d:
03:2f:21:cb:55:f1:2f:95:09:b5:99:25:df:0a:4b:
7f:15:4f:9f:6e:ba:38:64:45:5c:04:8e:a8:de:dc:
9a:86:d3:36:0f:72:d5:e7:0d:e3:9e:f1:8c:e6:a0:
1c:6a:86:91:88:c8:e9:7d:fc:b5:dd:f5:70:58:8c:
77:c3:b6:4b:58:2e:87:9e:21:28:ea:2b:24:e5:11:
7b:4b:c9:78:b4:e4:b8:15:52:0c:2f:6b:74:86:fe:
46:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:E5:F3:45:46:64:37:97:D3:50:69:56:8E:89:3D:6B:3E:5D:9D:1E
X509v3 Authority Key Identifier:
keyid:01:F3:EF:3E:0E:A9:5A:97:55:37:D5:C2:5D:93:CB:76:AF:68:72:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/4uXzRUZkN5fTUGlWjok9az5dnR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.136.112/29
5.10.136.208/30
5.10.137.0-5.10.140.255
5.10.141.8/30
5.10.141.136/30
5.10.142.0/23
5.154.132.0/23
5.154.136.0-5.154.141.255
5.154.158.0/23
145.14.64.0-145.14.93.255
185.75.172.0-185.75.174.255
IPv6:
2a04:f580:9000::-2a04:f580:9002:ffff:ffff:ffff:ffff:ffff
2a04:f580:9010::/48
2a04:f580:9012::/47
2a04:f580:9020::/48
2a04:f580:9030::/48
2a04:f580:9040::/48
2a04:f580:9050::/48
2a04:f580:9060::/48
2a04:f580:9070::/48
2a04:f580:9080::/48
2a04:f580:9090::/48
2a04:f580:9200::-2a04:f580:9202:ffff:ffff:ffff:ffff:ffff
2a04:f580:9210::/48
2a04:f580:9212::/47
2a04:f580:9220::/48
2a04:f580:9230::/48
2a04:f580:9240::/48
2a04:f580:9250::/48
2a04:f580:9260::/48
2a04:f580:9270::/48
2a04:f580:9280::/48
2a04:f580:9290::/48
Signature Algorithm: sha256WithRSAEncryption
c0:a2:55:8b:2c:ba:ff:a5:72:dd:52:a1:df:da:e8:4d:ed:46:
5e:27:5d:93:ab:58:e0:33:f2:e9:3c:88:56:28:22:25:d8:df:
d9:a4:57:2b:5f:d8:98:05:61:67:9e:eb:af:47:3a:3e:35:12:
a4:b3:99:58:9a:03:b1:9e:c8:90:95:0f:03:5e:1c:3b:15:26:
21:af:82:ac:72:28:e6:53:81:3e:c7:73:1e:d3:e6:25:89:4b:
2d:1c:14:91:2e:64:0f:fb:54:72:eb:0c:54:e4:46:6a:35:65:
ac:43:69:2c:ef:8f:77:b1:ea:6a:f0:8e:ee:66:31:b9:51:79:
ea:b1:94:56:89:85:c6:8b:8e:d1:ed:23:f0:0f:00:83:1e:dc:
93:1f:9c:e6:bb:c8:e7:e9:a2:66:f5:af:c0:b4:62:1b:55:3d:
fd:c4:66:cc:9e:f0:7c:03:c0:82:be:6c:60:46:ae:2e:d5:e4:
fe:ca:26:75:d7:a2:f3:c0:b8:ea:8b:bf:4d:91:93:b3:70:09:
4a:92:60:9e:52:8b:06:bd:18:ff:d1:e9:37:04:1e:2e:ba:cf:
99:66:1a:35:1c:c3:cf:e3:f3:c9:c3:1d:66:40:57:fa:9c:d5:
1e:ef:26:e0:5e:52:c0:1b:74:ef:b6:19:e1:48:8b:96:2e:32:
ae:bc:d4:00
-----BEGIN CERTIFICATE-----
MIIGRzCCBS+gAwIBAgISAZK1Em7qZJmpWCo5Vhb2SYtUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZjNlZjNlMGVhOTVhOTc1NTM3ZDVjMjVkOTNjYjc2YWY2
ODcyMzQwHhcNMjQxMDIyMTYzMjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmU1ZjM0NTQ2NjQzNzk3ZDM1MDY5NTY4ZTg5M2Q2YjNlNWQ5ZDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPNoZJ3DbcSyxdfbhkmUWkfZDB30
AMaM7Sd51beiIpDllmLBxZlXfq7iteSDXZ2bV8Yhh0nSp4aHY8D4bZ4UIi6mwezo
23aOum00EbIZxnlSgcaiR1QFSOwC2mDsW/StKi4750NLO2QNH1i+8nXv1lRFBeN0
9I/9qTVMezl4trE38+93x5chnoHJlBb0JAD0byHPtQVPs0tC14Ae9Tf+8mnN/E0D
LyHLVfEvlQm1mSXfCkt/FU+fbro4ZEVcBI6o3tyahtM2D3LV5w3jnvGM5qAcaoaR
iMjpffy13fVwWIx3w7ZLWC6HniEo6isk5RF7S8l4tOS4FVIML2t0hv5GnQIDAQAB
o4IDUzCCA08wHQYDVR0OBBYEFOLl80VGZDeX01BpVo6JPWs+XZ0eMB8GA1UdIwQY
MBaAFAHz7z4OqVqXVTfVwl2Ty3avaHI0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWZQdlBnNnBXcGRWTjlYQ1haUExkcTlvY2pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84NDE3YTAtMDc3Ny00NDZlLTk3ZTEt
MzUzYjNhNjMzYWRhLzEvNHVYelJVWmtONWZUVUdsV2pvazlhejVkblI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84NDE3YTAtMDc3Ny00NDZlLTk3ZTEtMzUzYjNhNjMzYWRh
LzEvQWZQdlBnNnBXcGRWTjlYQ1haUExkcTlvY2pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBZwYIKwYBBQUHAQcBAf8EggFWMIIBUjBsBAIAATBmAwUD
BQqIcAMFAgUKiNAwDAMEAAUKiQMEAAUKjAMFAgUKjQgDBQIFCo2IAwQBBQqOAwQB
BZqEMAwDBAMFmogDBAEFmowDBAEFmp4wDAMEBpEOQAMEAZEOXDAMAwQCuUusAwQA
uUuuMIHhBAIAAjCB2jARAwYEKgT1gJADBwAqBPWAkAIDBwAqBPWAkBADBwEqBPWA
kBIDBwAqBPWAkCADBwAqBPWAkDADBwAqBPWAkEADBwAqBPWAkFADBwAqBPWAkGAD
BwAqBPWAkHADBwAqBPWAkIADBwAqBPWAkJAwEQMGASoE9YCSAwcAKgT1gJICAwcA
KgT1gJIQAwcBKgT1gJISAwcAKgT1gJIgAwcAKgT1gJIwAwcAKgT1gJJAAwcAKgT1
gJJQAwcAKgT1gJJgAwcAKgT1gJJwAwcAKgT1gJKAAwcAKgT1gJKQMA0GCSqGSIb3
DQEBCwUAA4IBAQDAolWLLLr/pXLdUqHf2uhN7UZeJ12Tq1jgM/LpPIhWKCIl2N/Z
pFcrX9iYBWFnnuuvRzo+NRKks5lYmgOxnsiQlQ8DXhw7FSYhr4KscijmU4E+x3Me
0+YliUstHBSRLmQP+1Ry6wxU5EZqNWWsQ2ks7493sepq8I7uZjG5UXnqsZRWiYXG
i47R7SPwDwCDHtyTH5zmu8jn6aJm9a/AtGIbVT39xGbMnvB8A8CCvmxgRq4u1eT+
yiZ116LzwLjqi79NkZOzcAlKkmCeUosGvRj/0ek3BB4uus+ZZho1HMPP4/PJwx1m
QFf6nNUe7ybgXlLAG3TvthnhSIuWLjKuvNQA
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:15:00 2024 by rpki-client on console-ams.rpki-client.org